Re: [Evolution] TLS/authenticated SMTP

From: Jeffrey Stedfast <fejj ximian com>
To: bnh1 columbia edu
Cc: evolution ximian com
Subject: Re: [Evolution] TLS/authenticated SMTP
Date: 03 Oct 2002 16:59:02 -0400

On Thu, 2002-10-03 at 15:52, ben hall wrote:
[snip]

*****************************************
Received: from columbia.edu (pepu.ais.columbia.edu [128.59.223.160])
      (user=bnh1 mech=PLAIN bits=0)
      by marionberry.cc.columbia.edu (8.12.3/8.12.3) with ESMTP id g93Ih1XO011345
      (version=TLSv1/SSLv3 cipher=RC4-MD5 bits=128 verify=NOT);
      Thu, 3 Oct 2002 14:43:03 -0400 (EDT)
*****************************************


I don't think mech=PLAIN means much, especially after the following log
that you provided.


Plain is most certainly supported, as are some others.  I think the 
probably is that the university's customized sendmail configuration 
minimizes feedback to clients.

For instance:

[ben pepu ben]$ telnet send.columbia.edu 25
Trying 128.59.59.23...
Connected to send.columbia.edu.
Escape character is '^]'.
220 dewberry.cc.columbia.edu ESMTP Sendmail 8.12.3/8.12.3/CU/JPB ready 
at Thu, 3 Oct 2002 15:31:14 -0400 (EDT)
EHLO pepu.ais.columbia.edu
250-dewberry.cc.columbia.edu Hello pepu.ais.columbia.edu 
[128.59.223.160], pleased to meet you
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-EXPN
250-VERB
250-8BITMIME
250-SIZE 10000000
250-ETRN
250-STARTTLS
250-DELIVERBY
250 HELP
AUTH
503 5.3.3 AUTH not available
HELP
502 5.3.0 Sendmail 8.12.3 -- HELP not implemented


Hmmm, if the fact that it didn't list AUTH in the EHLO response didn't
convince you, the "503 5.3.3 AUTH not available" sure as heck should.



The debug information churned out 3591 lines, so I'll give you what i 
think is the most pertinent:

sending : EHLO pepu.ais.columbia.edu^M
received: 250-dewberry.cc.columbia.edu Hello pepu.ais.columbia.edu 
[128.59.223.160], pleased to meet you
received: 250-ENHANCEDSTATUSCODES
This server supports enhanced status codes
received: 250-PIPELINING
received: 250-EXPN
received: 250-VERB
received: 250-8BITMIME
This server supports 8bit MIME
received: 250-SIZE 10000000
received: 250-ETRN
received: 250-STARTTLS
This server supports STARTTLS
received: 250-DELIVERBY
received: 250 HELP
sending : STARTTLS^M
received: 220 2.0.0 Ready to start TLS


hmmm, we should have sent an EHLO after this.

sending : MAIL FROM:<bnh1 columbia edu>^M
received: 250 2.1.0 <bnh1 columbia edu>... Sender ok
sending : RCPT TO:<ben benhall com>^M
received: 550 5.7.1 <ben benhall com>... Relaying denied. Proper 
authentication required.
sending : QUIT^M
received: 221 2.0.0 dewberry.cc.columbia.edu closing connection


It looks to me like any AUTH stuff is not available until after a 
STARTTLS has been issued.  But i'm not a sendmail guru either.  There's 
no question, however, that our servers support PLAIN authentication over 
  TLS.


Well, I can't say that it does or doesn't with this debug log because as
you said we're supposed to re-EHLO. I know we used to do this. I wonder
if I removed it on purpose?

Anyways, please submit a bug report a bug and assign it to me. I've got
a potential fix already.


Any help is appreciated, I really wish I could get back to using 
Evolution full-time.  It makes pretty much every other mail program out 
there look like slow, ugly crap.

Thanks,
Ben


Jeff

-- 
Jeffrey Stedfast
Evolution Hacker - Ximian, Inc.
fejj ximian com  - www.ximian.com

References:
- [Evolution] TLS/authenticated SMTP
  - From: ben hall
- Re: [Evolution] TLS/authenticated SMTP
  - From: Jeffrey Stedfast
- Re: [Evolution] TLS/authenticated SMTP
  - From: ben hall
- Re: [Evolution] TLS/authenticated SMTP
  - From: Jeffrey Stedfast
- Re: [Evolution] TLS/authenticated SMTP
  - From: ben hall

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]